CVE-2007-0881

2007-02-12T20:28:00
ID CVE-2007-0881
Type cve
Reporter cve@mitre.org
Modified 2017-10-19T01:30:00

Description

PHP remote file inclusion vulnerability in the Seitenschutz plugin for OPENi-CMS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the (1) config[oi_dir] and possibly (2) config[openi_dir] parameters to open-admin/plugins/site_protection/index.php. NOTE: vector 2 might be the same as CVE-2006-4750. Successful exploitation requires that "register_globals" is enabled.